software/headless-chromium: improve monitoring

I originally forgot to extend the monitoring stack, and the monitor
httpd port was previously not configurable.

Also, I refactored a few comments to have reasonable line-widths.

software/headless-chromium/buildout.hash.cfg

 [template-cfg]
 filename = instance.cfg.in
-md5sum = aadc99d22fc3bcb38c852810370ceaac
+md5sum = 545f6bf83ca292e5807bad0cd82acdcb
 
 [instance-headless-chromium]
 _update_hash_filename_ = instance-headless-chromium.cfg.in
-md5sum = 5e7f9536c2ca28435dccb1fd0bff5bc9
+md5sum = b02bedc67adf1b1ffe1e0b81f10deb53
 
 [template-nginx-conf]
 _update_hash_filename_ = templates/nginx.conf.in
-md5sum = e11ebfe3577da4591e850bd317ea70fb
+md5sum = c3e8a9cc2267182c182352f2431b109b

software/headless-chromium/instance-headless-chromium.cfg.in

@@ -13,6 +13,9 @@ eggs-directory = {{ buildout['eggs-directory'] }}
 develop-eggs-directory = {{ buildout['develop-eggs-directory'] }}
 offline = true
 
+# Extend monitoring stack.
+extends = {{ parameter_list['template-monitor'] }}
+
 # Create necessary directories.
 [directory]
 recipe = slapos.cookbook:mkdirectory
@@ -23,6 +26,7 @@ etc = ${:home}/etc
 ssl = ${:etc}/ssl
 service = ${:etc}/service
 
+# Options for instance configuration.
 [headless-chromium]
 ipv4 = {{ partition_ipv4 }}
 ipv6 = {{ partition_ipv6 }}
@@ -109,7 +113,9 @@ recipe = slapos.cookbook:generate.password
 username = admin
 bytes = 12
 
-# TODO: If we need to add replicate instances, I'm not sure that storing all the passwords in etc/.htpasswd will do, especially given that they all have the same default username...
+# TODO: If we need to add replicate instances, I'm not sure that storing
+# all the passwords in etc/.htpasswd will do, especially given that they
+# all have the same default username...
 [generate-passwd-file]
 recipe = plone.recipe.command
 command =
@@ -140,6 +146,9 @@ config-type = websocket
 config-websocket-path-list = /devtools
 return = domain secure_access
 
+[monitor-instance-parameter]
+monitor-httpd-port = {{ parameter_dict['monitor-httpd-port'] }}
+
 # Old-style promise to make sure that the CDN is properly configured.
 [frontend-promise]
 <= monitor-promise-base

software/headless-chromium/instance.cfg.in

@@ -32,7 +32,8 @@ default-parameters =
   {
     "remote-debugging-port": 8081,
     "nginx-proxy-port": 8082,
-    "target-url": "https://www.example.com"
+    "target-url": "https://www.example.com",
+    "monitor-httpd-port": 8083
   }
 
 [switch-softwaretype]

software/headless-chromium/templates/nginx.conf.in

@@ -37,12 +37,19 @@ http {
     location / {
       proxy_http_version 1.1;
 
-      # The proxy must set the Host header to an IP address, since the headless Chromium shell refuses to run otherwise, for security reasons.
+      # The proxy must set the Host header to an IP address, since the
+      # headless Chromium shell refuses to run otherwise, for security
+      # reasons.
       # See https://bugs.chromium.org/p/chromium/issues/detail?id=813540.
       proxy_set_header Host {{ param_headless_chromium['remote-debugging-address'] }};
       proxy_pass http://{{ param_headless_chromium['remote-debugging-address'] }};
 
-      # The browser security policy will prevent us from loading the Websocket connection without TLS, so we have to go through the frontend CDN URL. The tricky thing is that the frontend URL is not available yet when this file is built; what we do instead is use the given Host header. This is possibly fragile; perhaps alternatives are worth investigating.
+      # The browser security policy will prevent us from loading the
+      # Websocket connection without TLS, so we have to go through the
+      # frontend CDN URL. The tricky thing is that the frontend URL is
+      # not available yet when this file is built; what we do instead is
+      # use the given Host header. This is possibly fragile; perhaps
+      # alternatives are worth investigating.
       sub_filter "ws={{ param_headless_chromium['remote-debugging-address'] }}" "wss=$host";
       sub_filter_once on;
       sub_filter_types application/json;